Tech We’re Using: Making the Lives of Cybercriminals and Spies Harder Online

What tech tools or web services do you avoid to prevent sensitive information from being exposed?

Alexa, Google Home, Dropcam and anything that has real-time access to my home scare me to death. Likewise, I steer clear of any free music, games or entertainment services for fear of catching a virus. And I never, ever click on links in emails.

Continue reading the main story

Also, I stay far from any app that has not been vetted by Google Play or Apple. It’s disturbingly easy for cybercriminals to design apps that mimic a benign, mainstream product, then plant it in third-party app stores. Once downloaded, those apps potentially have access to every critical piece of information you store on your phone, by which I mean everything.

There was a case this year of a seemingly benign flashlight app in the Google Play store that was stealing users’ banking information. And another flashlight app the year before that was recording audio from users’ phones and sending it to Beijing. That is pretty much my worst-case scenario.

Well, actually the worst-case scenario is someone taking control of my self-driving car. It will be a while before I feel safe buying one of those.

Equifax, the credit bureau, was hacked recently. What did you do?

You mean after I slammed my head on my desk several times? The Equifax hack continues to infuriate. Here’s a company that proved to have minimal security in place, despite the fact it houses our most sensitive information — involuntarily for many of us, I’m afraid — and was hacked after two major, recent security incidents.

As for what I did, I signed up for the credit monitoring, froze my credit and then banged my head against my desk a few more times. This is actually the second time my information has been stolen. I used Anthem for insurance, which was nearly as bad. At this point, all I can do is freeze my credit, change my passwords, set stricter security settings on my life and pray.

Beyond your job, what tech product are you currently obsessed with using in your daily life?

For a tech reporter, I’m actually fairly agnostic about tech in general. I’m not one of those people constantly experimenting with the latest, greatest apps and services. I do not understand Snapchat. Do emojis count? I am bullish on emojis.

As far as my daily tech use, the first thing I do when I wake up in the morning is turn on a podcast, usually The New York Times’s “The Daily” podcast. Then I’ll check Twitter and the Times app. I use The Times’s Cooking app to plan my groceries for the week.

I do use Instacart, though I wish I wasn’t that lazy. And I am one of Spotify’s biggest users. I probably make a new playlist once a week, then I blast it through the house via Sonos. I use Google Docs and Dropbox for work. I try my best to stay off Facebook, but I do use Instagram, mostly to entertain my dog’s followers. He has his own account: “Homerthebestdog,” though we just had to change the name to accommodate our new puppy, so now it’s “HomerandHanzo.” (Sorry, Homes!)

Photo

Ms. Perlroth has a retractable cover over her laptop’s camera for security reasons.Credit
Jason Henry for The New York Times

What could be better about the tech?

My biggest beef with the tech I use is robots. As we’ve seen in recent weeks, Facebook, Google and Twitter — especially Twitter — have a huge troll and bot problem. And these aren’t your benign Twitter egg bots. These are now Russian state-backed bots. It’s amazing to see how successful some of their propaganda campaigns have been, and I don’t go a day on Twitter without coming across an obvious bot these days.

Continue reading the main story

I believe in free speech. But I do not believe in free speech for robots.

Smartphones have been equipped with fingerprint sensors for years. Now Apple is moving into face recognition for unlocking a phone. Like or dislike, and why?

That’s a tough question. I am in favor of anything that replaces passwords. Passwords are useless, annoying and security’s weakest link. So initially I applauded Apple’s move to fingerprint sensors.

The problem, of course, is that nothing is completely secure. Over the past few years, a number of security researchers have demonstrated just how successfully fingerprint sensors can be tricked. Now we are moving to facial recognition technology, which has proved to be more secure, but comes with additional privacy concerns. A number of privacy activists have said they worry Apple’s move into facial recognition will “normalize” the practice and prompt everyone from data brokers and advertisers to governments to use facial recognition technology for dodgier use cases, or surveillance.

I think they raise legitimate concerns. But I’m also of the mind-set that the people I worry most about having access to my face template — namely spies or cybercriminals I’ve angered with my reporting — will be able to access anything they want about me with enough time and resources, anyway.